Joe Sandbox Cloud Basic

Want to search on specific fields?


Try our:

Advanced Search

Want to search in depth on all Cloud Basic reports?

Try: Joe Sandbox View

Register Login
sloganpng
top title background image
flash

file.exe

Status: finished
Submission Time: 2023-06-06 17:14:16 +02:00
Malicious
Trojan
Evader
BlackGuard

Comments

Tags

  • NET
  • exe
  • MSIL

Details

  • Analysis ID:
    882710
  • API (Web) ID:
    1249687
  • Analysis Started:
    2023-06-06 17:21:07 +02:00
  • Analysis Finished:
    2023-06-06 17:28:41 +02:00
  • MD5:
    296fd972f13fe3f371d16ff2430a3e81
  • SHA1:
    056a3fbe0a88a39348e8b99f0cffb3c6e63b5655
  • SHA256:
    7f6453437b84cd7518a1e628565a13f76bf09aa376eab94224fc269e3ef804a5
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
malicious
Full Report Management Report IOC Report
malicious
Score: 88
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

Open Full Report
malicious
Score: 33/71
malicious
Score: 12/37
malicious

URLs

Name Detection
http://upx.sf.net

Dropped files

Name File Type Hashes Detection
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_file.exe_d2892c472895a2b98efdcdcd7642ab4d7ea6c2_3b20dbdc_17059a9d\Report.wer
 Unicode text, UTF-16, little-endian text, with CRLF line terminators
 #
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7C19.tmp.dmp
 Mini DuMP crash report, 15 streams, Wed Jun 7 00:22:17 2023, 0x1205a4 type
 #
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7E1E.tmp.WERInternalMetadata.xml
 XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
 #
Click to see the 2 hidden entries
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7E4D.tmp.xml
 XML 1.0 document, ASCII text, with CRLF line terminators
 #
C:\Windows\appcompat\Programs\Amcache.hve
 MS Windows registry file, NT/2000 or above
 #